XProt is the ultimate configuration file & manager against many forms of hacking such as memory space access, malware, credential theft, denial of service attacks and rootkit deployments; both for almost all standard Windows services & specific programs. The following apps are almost fully protected (click categories to see detailed lists):
Microsoft Services
- Literally all (!) basic Windows programs running from start. Beyond recommendations (took a few bluescreens >.<)
- OneDrive
- File Explorer
- Smartscreen
- Windows Settings
- Task Manager
- Windows Store
- search index
- SSH
- svchost
- smss
- csrss
- conhost
- dashost
- OOBEbroker
- WMI
- wininit
- winlogon
- WerFault
- lsalso & lsass
- and many more (everything running on Windows OS)
Web Browsers
- Google Chrome (allowing extensions to run)
- Mozilla Firefox (fully functional with many protection settings)
- Internet Explorer (misclicks happen)
- Opera
- Safari
- Thorium
- Edge
- DuckDuckGo
Media Tools
- Audacity
- butt audio streaming
- Virtual DJ
- Photoshop
- Groove Music
- Winamp
- foobar2000
- iTunes
- Windows Media Player
- NDIRecord
- StreamDeck
- Yamaha Steinberg USB
- vMix64
- BlackMagic Video
- VLC Media Player
Communication Apps
- Skype
- Lync
- Pidgin
- Telegram
- MS Outlook
- Thunderbird
- Windows Live Mail
- Google Talk
- Armcord (a Discord client)
- Discord
Gaming
- Steam
- Ubisoft
- EA - Electronic Arts
- GOG Galaxy (edit version number in .XML file accordingly)
- EasyAntiCheat
- The Sims 4
- Cyberpunk 2077
- Firestorm viewer for Second Life
- Radegast
Networking
- dnscrypt-proxy
- Tor
- WARP 1.1.1.1
- OpenVPN
- WireGuard
- VPN Unlimited
Common Software
- Acrobat Reader PDF
- cmd
- Foxit PDF Reader
- Java
- MS Access
- MS Excel
- MS PowerPoint
- MS Word
- MS Wordpad
- MS Notepad
- Notepad++
- Obsidian
- OneNote
- Powershell
- Powershell ISE
- Sumatra PDF
- Visio
- WinZip
- 7Z
- ...
Other Executables
- Adobe (services)
- AMD (GPU driver)
- Edge Webview2 (works for Citrix Workspace, DuckDuckGo, Edge...)
- Everything
- HP (drivers)
- Intel (drivers)
- KeePassXC & proxy
- Open SSL
- NVIDIA
- Qbittorrent
- Qt Web Engine
- Real Converter
- RealPlay
- Realtek Audio
- SyncThing
- Thunderbolt
- WinRAR
- ...
Check settings of separate programs if features don't work. 90% of features are tested & all run w/ zero configuration
Windows Settings > Security & Privacy > Windows Security > App & browser control > Exploit protection settings > Program settings
Use this manager for Windows Exploit Protection (now with GUI). Update every so often (this will not remove other entries & gets the most recent xml online every time) - that's it! Reboot to complete the import
To install some background services you'll need to temporarily remove protection which can be done as well; reboot & install software, update again or import any local XML. After restarting the device (again), these stricter policies help against intrusions like botnets & cache exploits
- https://github.com/jdgregson/Exploit-Protection-Settings as to support Microsoft Office
- Added https://github.com/Strana-Mechty/ExploitProtection-Templates supporting Adobe, Telegram & more
- Calibrated with https://github.com/microsoft/ExploitProtectionConfiguration but all is already stricter
- https://www.thewindowsclub.com/ultimate-windows-tweaker-5-for-windows-11
- https://github.com/AndyFul/Hard_Configurator (further hardening of Windows)
Enjoy this metapod project, bringing together solutions to defend yourself online
Star this repository to receive updates & help others, you can also support this project via http://donate.frenzypenguin.media